Password complexity

It is the developers responsibility to prevent users from choosing easy passsword. The complexity checker has a small list of passwords that were published on CNN. These are the first things that a brute force attack will try and use. The weakest password is
the easiest entry point into a system.

Developers should also show users what a good password looks like. Even if the user does not use the recommended password- most of the time he will add some complexity of his own based on the recommendations.